Re: Regarding Tomcat url redirection
Hello Chris, I figured out how I can it make it work with 443. Now the URls are working. I added iptables route 443 to 8443 and it started working. nslookup example.lbg.com Non-authoritative answer: Name:server.lbg.com Address: 192.168.200.105 Aliases: example.lbg.com I have some application towl running with apache tomcat. I have the below URLs working. https://server.lbg.com:8443/towl https://server.lbg.com https://example.lbg.com https://example.lbg.com/towl Now i wanted to disable the url https://example.lbg.com/towl and https://server.lbg.com and access only the other remaining two. In the end our goal to makesure that the links are not always dead as soon as the towl is moved to a new machine. Can you pelase assit me how to do that ? Thanks, Lavanya On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > Lavanya, > > On 4/30/24 07:10, lavanya tech wrote: > > Can you tell me how to do the below ? How should I setup Tomcat in > > server.xml ? > > > > > > If you want to use port 443 (the default port for HTTPS) then you will > > need to change Tomcat to bind to port 443 (if that's allowed on your OS) > > or arrange to have port 443 routed to port 8443. You may need additional > > configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat > > generate URLs with ":8443" in them. > > > > Looking forward to your reply. > > If Tomcat is listening on port 8443 then you will need to include that > in your URL, period. If you want to allow URLs without a port number, > you will have to arrange to have something listening on port 443. > > On Windows, Tomcat can listen directly on port 443. On UNIX and > UNIX-like systems, you won't be able to do this without running Tomcat > as root WHICH YOU ABSOLUTELY SHOULD NOT DO. > > There are other ways to get port 443 working, but I'll need to know more > about your environment. The port issue is "easier" than figuring out > whatever is going on with your DNS, aliases, etc. so I would recommend > we fix one thing at a time. > > -chris > > > On Mon, Apr 29, 2024 at 2:03 PM lavanya tech > > wrote: > > > >> Hi Chris, > >> > >> There is no issues with browser, because I tested with different > browsers > >> and it all works fine. I am sure that there is no issue with the > >> certificate. > >> Because I was able to establish successful connections with port > 8443, it > >> just doesnot work with out port > >> > >> curl https://example.lbg.com/towl > >> curl: (56) Received HTTP code 504 from proxy after CONNECT > >> curl: (56) Received HTTP code 504 from proxy after CONNECT > >> > >> > >> If you want to use port 443 (the default port for HTTPS) then you will > >> need to change Tomcat to bind to port 443 (if that's allowed on your OS) > >> or arrange to have port 443 routed to port 8443. You may need additional > >> configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat > >> generate URLs with ":8443" in them. > >> > >> >> connectionTimeout="2" > >> redirectPort="8443" > >> maxThreads="150" > >> scheme="https" secure="true" SSLEnabled="true" > >> keystoreFile="path_to_your_keystore_file" > >> keystorePass="your_keystore_password" > >> keystoreType="PKCS12" > >> clientAuth="false" sslProtocol="TLS" > >> proxyPort="443"/> > >> > >> should i use connect port like the above ? But you mentioned before we > >> dont need any configuration changes. Please clarify I am not able to > figure > >> this out and I have this issue many days pending. How to make it work > with > >> port 8443 and with out port > >> > >> Also I wanted to use weburl with alias name permanently instead of the > >> hostname. How can I achieve both > >> > >> Thanks, > >> Lavanya > >> > >> > >>--> > >> > >> > >> On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz < > >> ch...@christopherschultz.net> wrote: > >> > >>> Lavanya, > >>> > >>> On 4/25/24 07:24, lavanya tech wrote: > Hi Chris, > > One question / doubt: > > As I mentioned earlier, the below URLS already working in the browser > > https://server.lbg.com:8443/towl > > https://example.lbg.com:8443/towl -> redirect ( which means when I > >>> hit in > browser) it points to https://server.lbg.com:8443/towl ---> To be > >>> frank, > even I donot need redirect here, not sure why it redirects. > > My question is why its working even though SAN is not registered with > >>> the > certificate ? It doesnot even throw warning in the browser. > >>> > >>> I'm not sure. Is it possible you have dismissed this error in the past > >>> and the browser is remembering that? Try this with a different web > >>> browser or maybe with curl from the command-line to see what happens. > >>> > Why https://server.lbg.com/towl or https://example.lbg.com/towl --> > >>> How it > should work with New SAN certificate ?
Re: Regarding Tomcat url redirection
Lavanya, On 5/8/24 06:48, lavanya tech wrote: I figured out how I can it make it work with 443. Now the URls are working. I added iptables route 443 to 8443 and it started working. nslookup example.lbg.com Non-authoritative answer: Name:server.lbg.com Address: 192.168.200.105 Aliases: example.lbg.com I have some application towl running with apache tomcat. I have the below URLs working. https://server.lbg.com:8443/towl https://server.lbg.com https://example.lbg.com https://example.lbg.com/towl Now i wanted to disable the url https://example.lbg.com/towl and https://server.lbg.com and access only the other remaining two. Is that a typo? You want specifically https://server.lbg.com/towl and https://example.lbg.com/ to point to your application? I would *highly* recommend that you pick either /towl or / and not try to do both, unless you want to deploy the application twice (which is fine, just deploy towl.war and ROOT.war as copies of each other). If you try to re-write /towl to / or / to /towl, you'll find you spend the rest of your days tracking-down edge-cases and "fixing" them -- likely making things confusing and, probably, worse. In the end our goal to makesure that the links are not always dead as soon as the towl is moved to a new machine. Can you pelase assit me how to do that? The goal should be that "moving" the application only means changing DNS and everything else works as expected. If you: 1. Deploy the application with a single context (e.g. /towl, which I recommend) 2. Re-direct / to /towl (this requires a reverse-proxy or a ROOT application that does nothing but redirect ; my personal preference) 3. Do not define any other than "localhost" and make it the default. Do not bother with any elements since they are not necessary. Moving the application should only require that you: 4. Deploy the same application with the same configuration in the new location 5. Change DNS to point example.lbg.com and server.lbg.com to the new location of the service Hope that helps, -chris On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz < ch...@christopherschultz.net> wrote: Lavanya, On 4/30/24 07:10, lavanya tech wrote: Can you tell me how to do the below ? How should I setup Tomcat in server.xml ? If you want to use port 443 (the default port for HTTPS) then you will need to change Tomcat to bind to port 443 (if that's allowed on your OS) or arrange to have port 443 routed to port 8443. You may need additional configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat generate URLs with ":8443" in them. Looking forward to your reply. If Tomcat is listening on port 8443 then you will need to include that in your URL, period. If you want to allow URLs without a port number, you will have to arrange to have something listening on port 443. On Windows, Tomcat can listen directly on port 443. On UNIX and UNIX-like systems, you won't be able to do this without running Tomcat as root WHICH YOU ABSOLUTELY SHOULD NOT DO. There are other ways to get port 443 working, but I'll need to know more about your environment. The port issue is "easier" than figuring out whatever is going on with your DNS, aliases, etc. so I would recommend we fix one thing at a time. -chris On Mon, Apr 29, 2024 at 2:03 PM lavanya tech wrote: Hi Chris, There is no issues with browser, because I tested with different browsers and it all works fine. I am sure that there is no issue with the certificate. Because I was able to establish successful connections with port 8443, it just doesnot work with out port curl https://example.lbg.com/towl curl: (56) Received HTTP code 504 from proxy after CONNECT curl: (56) Received HTTP code 504 from proxy after CONNECT If you want to use port 443 (the default port for HTTPS) then you will need to change Tomcat to bind to port 443 (if that's allowed on your OS) or arrange to have port 443 routed to port 8443. You may need additional configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat generate URLs with ":8443" in them. should i use connect port like the above ? But you mentioned before we dont need any configuration changes. Please clarify I am not able to figure this out and I have this issue many days pending. How to make it work with port 8443 and with out port Also I wanted to use weburl with alias name permanently instead of the hostname. How can I achieve both Thanks, Lavanya --> On Fri, Apr 26, 2024 at 9:28 PM Christopher Schultz < ch...@christopherschultz.net> wrote: Lavanya, On 4/25/24 07:24, lavanya tech wrote: Hi Chris, One question / doubt: As I mentioned earlier, the below URLS already working in the browser https://server.lbg.com:8443/towl https://example.lbg.com:8443/towl -> redirect ( which means when I hit in browser) it points to https://server.lbg.com:8443/towl ---> To be frank, even I donot need redirect here, not sure why it redirects.
Re: FileUpload class not working with Tomcat 10.1
On 5/7/2024 4:52 PM, Christopher Schultz wrote:
Mark,
On 5/3/24 12:16, Mark Foley wrote:
On 4/23/24 18:44, Chuck Caldarale wrote:
uploadfile
uploadfile
/schDistImportResults.jsp
The first servlet is named “uploadfile”.
On Apr 23, 2024, at 12:42, Mark Foley wrote:
Now I need to add another program to the system that does file
uploads. I
created another definition in WEB-INF/web.xml following
the original:
uploadfile
uploadfile
/1099R-Etrans.jsp
This second servlet is also named “uploadfile”.
That didn't work so well. Now, any and all programs using the
fileupload
function launches this 2nd program 1099R-Etrans.jsp. It appears
that this
second definition replaces the first.
You gave them the same names, so the second one wins...
What magic were you expecting to differentiate between the two?
- Chuck
I can easily change the name of the second servlet, but how would
the respective jsp programs (schDistImportResults.jsp,
1099R-Etrans.jsp) specify one or the other? The programs do:
String contentType = request.getContentType();
if (contentType.startsWith("multipart/form-data;"))
{
Part fileUpload = request.getPart("taxResults"); // for
schDistImportResults.jsp
// or
Part fileUpload = request.getPart("vendor1099-MISC"); // for
1099R-Etrans.jsp
InputStream inFile = fileUpload.getInputStream();
:
}
That's it. There is nothing in the program that specifies a servlet
name. My initial servlet definition (for schDistImportResults.jsp)
was based on the XML suggestion from Christopher Schultz back in
November, 2023. Since only the one jsp program was involved, there
was no discussion of how to specify more than one program in web.xml.
So, I can (and will) give the servlets different names in web.xml,
but how does the jsp program select the one for its use?
Does the JSP need to reference the "program" (servlet?) at all?
The program, as shown above didn'twork at all until I put that servlet
definition on WEB-INF/web.xml, so I suppose the answer is "yes". As to
why, I have not a clue.
When you make a request, Tomcat determines which servlet in your
application will service the request. If that's a JSP, then the JSP is
invoked. A JSP just compiles to a servlet, just as if you had written
a .java file with a class that "extends HttpServlet" or similar.
It's not clear what "the program" is: JSP or servlet? Or something else?
The programs are written in Java/JSP and, yes, Tomcat "compiles" them to
.class -- probably servlets.
It's also not clear how "the program" would or should reference a
servlet name.
Maybe you can explain (again)?
-chris
I think I may have figured this out. Here are my two servlet definitions
in WEB-INF/web.xml:
uploadfile
/schDistImportResults.jsp
/tmp
20848820
418018841
1048576
uploadfile
/schDistImportResults.jsp
*upload1099*
/1099R-Etrans.jsp
/tmp
20848820
418018841
1048576
*upload1099*
/1099R-Etrans.jsp
In the 2nd definition, Taking Chuck's hint, I changed the servlet-name
to "upload1099". That seemed to work for the 1099R-Etrans.jsp program,
but I haven't been able to test the schDistImportResults.jsp program yet
to see if I broke that one. Why these definitions are needed in web.xml
and how all that works under the hood is, as Chuck said, "magic".
Re: Regarding Tomcat url redirection
Hi Chris, Thanks. Just giving background again of this topic again. 1) The application team who is working they wanted to access the url https://server.lbg.com:8443/towl —> which should redirect or point to https://example.lbg.com Is that a typo? You want specifically https://server.lbg.com/towl and https://example.lbg.com/ to point to your application? — It’s not the Typo the requirements are still the same. 2) Hence I added firewall rule to redirect port 443 to 8443. And the url https://example.lbg.com started working but its pointing to https://server.lbg.com:8443 indeed and not https://server.lbg.com:8443/towl But then they wanted the point 1 to have it. If I understood correctly. So basically to achieve this we wanted a reverse proxy setup ? I didnot define any additional host in server.xml file on just left to default to local host. Thanks, Lavanya On Wednesday, May 8, 2024, Christopher Schultz wrote: > Lavanya, > > On 5/8/24 06:48, lavanya tech wrote: > >> I figured out how I can it make it work with 443. Now the URls are >> working. >> I added iptables route 443 to 8443 and it started working. >> >> nslookup example.lbg.com >> >> Non-authoritative answer: >> Name:server.lbg.com >> Address: 192.168.200.105 >> Aliases: example.lbg.com >> >> >> I have some application towl running with apache tomcat. I have the below >> URLs working. >> >> https://server.lbg.com:8443/towl >> https://server.lbg.com >> https://example.lbg.com >> https://example.lbg.com/towl >> >> >> Now i wanted to disable the url https://example.lbg.com/towl and >> https://server.lbg.com and access only the other remaining two. >> > > > I would *highly* recommend that you pick either /towl or / and not try to > do both, unless you want to deploy the application twice (which is fine, > just deploy towl.war and ROOT.war as copies of each other). If you try to > re-write /towl to / or / to /towl, you'll find you spend the rest of your > days tracking-down edge-cases and "fixing" them -- likely making things > confusing and, probably, worse. > > In the end our goal to makesure that the links are not always dead as soon >> as the towl is moved to a new machine. Can you pelase assit me how to do >> that? >> > > The goal should be that "moving" the application only means changing DNS > and everything else works as expected. > > If you: > > 1. Deploy the application with a single context (e.g. /towl, which I > recommend) > > 2. Re-direct / to /towl (this requires a reverse-proxy or a ROOT > application that does nothing but redirect ; my personal preference) > > 3. Do not define any other than "localhost" and make it the > default. Do not bother with any elements since they are not > necessary. > > Moving the application should only require that you: > > 4. Deploy the same application with the same configuration in the new > location > > 5. Change DNS to point example.lbg.com and server.lbg.com to the new > location of the service > > Hope that helps, > -chris > > On Tue, Apr 30, 2024 at 5:44 PM Christopher Schultz < > ch...@christopherschultz.net> wrote: > > Lavanya, > > On 4/30/24 07:10, lavanya tech wrote: > > Can you tell me how to do the below ? How should I setup Tomcat in > server.xml ? > > > If you want to use port 443 (the default port for HTTPS) then you will > need to change Tomcat to bind to port 443 (if that's allowed on your OS) > or arrange to have port 443 routed to port 8443. You may need additional > configuration in Tomcat (specifically: proxyPort) to avoid having Tomcat > generate URLs with ":8443" in them. > > Looking forward to your reply. > > > If Tomcat is listening on port 8443 then you will need to include that > in your URL, period. If you want to allow URLs without a port number, > you will have to arrange to have something listening on port 443. > > On Windows, Tomcat can listen directly on port 443. On UNIX and > UNIX-like systems, you won't be able to do this without running Tomcat > as root WHICH YOU ABSOLUTELY SHOULD NOT DO. > > There are other ways to get port 443 working, but I'll need to know more > about your environment. The port issue is "easier" than figuring out > whatever is going on with your DNS, aliases, etc. so I would recommend > we fix one thing at a time. > > -chris > > On Mon, Apr 29, 2024 at 2:03 PM lavanya tech > wrote: > > Hi Chris, > > There is no issues with browser, because I tested with different > > browsers > > and it all works fine. I am sure that there is no issue with the > certificate. >Because I was able to establish successful connections with port > > 8443, it > > just doesnot work with out port > >curl https://example.lbg.com/towl > curl: (56) Received HTTP code 504 from proxy after CONNECT > curl: (56) Received HTTP code 504 from proxy after CONNECT > > > If you want to use port 443 (the default port for HTTPS) then you will > need to change Tomcat to bind to port 443 (if that's allowed on your OS) > or arrange to have port 44
